Comments (3)
ib-lundgren
commented on July 24, 2024
This is indeed curious behaviour and a great example of the real reason OAuth 1 is a bit of a mess (trying to recreate SSL). Flickr are essentially extending the OAuth RFC, which does not cover protection of body parameters in multi part requests. What they are doing does not add a whole lot of value as it does not protect the binary blob (photo) itself.
There is currently no support for this in requests-oauthlib. It can be worked around but not very cleanly. What you would need to do is use the OAuth1 auth client (requests_oauthlib.OAuth1) and create one prepared request and one real request. Something a long the lines of
import requests
import requests_oauthlib
flickr = 'http://up.flickr.com/services/upload/'
client = requests_oauthlib.OAuth1('your_client_key', ....)
data = { 'title': 'sometitle', 'description': '...'}
raw = requests.Request('POST', flickr, data=data, auth=client)
prepared = raw.prepare()
auth = {'Authorization': prepared.headers.get('Authorization')}
requests.post(flickr, data=data, headers=auth, files=(('photo', '/home/you/photo.jpg'),))
but I've not tested whether this works.
from requests-oauthlib.
dargad
commented on July 24, 2024
The workaround works as expected, thanks!
from requests-oauthlib.
ib-lundgren
commented on July 24, 2024
Don't think this is a common enough case to be included in the library but a good candidate for inclusion in the documentation. Labelling docs for now and will close when its featured in the docs somewhere. cc #48
from requests-oauthlib.
Related Issues (20)
- why passing requests kwargs that may contain request params to refresh_token request ? HOT 1
- Optional
- Felse HOT 2
- (Optinal)
- Superseded by #2445.
- Thanks for stopping by to let us know something could be better! HOT 1
- `oauth2_session.OAuth2Session.refresh_token` creates infinite loop with Exchange Online when token expires
- Trying to use OAuth1Session with Flickr - requests_oauthlib.oauth1_session.VerifierMissing: No client verifier has been set. HOT 1
- ## Description HOT 1
- Add refresh token exception hook to list of compliance hooks?
- Requirements out of date HOT 2
- Hkş HOT 2
- Scope changes with Microsoft services & `offline_access`
- Question: Is this project maintained? HOT 1
- Compliance fix for tokens that never expire (e.g. Mailchimp)
- Redo request after token is updated
- Why is the backend client workflow asking for a code or a response url? HOT 1
- refresh token workflow HOT 1
- rsengun HOT 1
- How to test if LinkedIn token is still valid and re-use? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from requests-oauthlib.